1. Physical Layer
Threats:
Eavesdropping: Someone secretly listens in or intercepts the data being transmitted.
Tampering: Physically damaging or accessing network equipment like cables or routers.
Interference: Signals get disturbed by external electromagnetic sources, causing communication problems.
2. Data Link Layer
Threats:
Fake Device Identity: Pretending to be another device by faking its unique hardware address (MAC address).
Trick Traffic Redirection: Sending false information so devices send data to the wrong place (ARP spoofing).
Overload Attack: Flooding a network switch with too much data so it stops working properly.
3. Network Layer
Threats:
Fake Sender ID: Pretending to be another computer by faking its IP address (IP spoofing).
Route Manipulation: Changing network paths to reroute data.
Flood Attack: Sending a massive number of requests to overwhelm the target (Smurf Attack).
4. Transport Layer
Threats:
Packet Flooding: Bombarding a system with random data packets (UDP Flood).
Fake Connections: Sending too many fake connection requests to freeze a server (SYN Flood).
5. Session Layer
Threats:
Session Takeover: Hijacking a user’s connection to a website or service.
Forced Login: Tricking a user into using a specific session ID.
Interception: Secretly capturing messages between two people or systems (Man-in-the-Middle).
6. Presentation Layer
Threats:
Data Corruption: Messing with compressed data files.
Encoding Issues: Exploiting weaknesses in the way data is translated between formats.
SSL Downgrade: Tricking users into using an insecure connection instead of a secure one (HTTP instead of HTTPS).
7. Application Layer
Threats:
Database Exploit: Inserting harmful commands into a website’s database (SQL Injection).
Script Injection: Adding malicious scripts to web pages (XSS).
Server Overload: Sending too much traffic to crash a website (DDoS Attack).
